CN-119622699-B - Data security management method, device, electronic equipment and computer readable medium
Abstract
The application relates to a data security management method, a data security management device, an electronic device and a computer readable medium. The method comprises: constructing a data identity record library, wherein the data identity record library is connected to a cloud server within a local area; configuring identity tags, through the data identity record library, for the access devices within the local area, the transmission data of the access devices and the stored data of the access devices, respectively, to obtain a plurality of identity tags of the access devices; and storing the plurality of identity tags and the stored data of the access devices in the data identity record library. By building the data identity record library for data management and configuring identity tags separately at device access, data transmission and data storage, the application is better able to provide all-round information security and to solve the personal information security problem of users within a local area.
Inventors
- MOU GUIXIAN
- ZHANG ZHENYU
- RUAN WENWEI
Assignees
- Gree Electric Appliances, Inc. of Zhuhai (珠海格力电器股份有限公司)
Dates
- Publication Date: 20260508
- Application Date: 20241121
Claims (9)
- 1. A data security management method applied to a cloud server of a miniaturized local area network, the method comprising: constructing a data identity record library, wherein the data identity record library is connected to a cloud server within a local area, and the data identity record library is used for data storage, identity calibration information storage and device identity verification; configuring identity tags, through the data identity record library, for the access devices within the local area, the transmission data of the access devices and the stored data of the access devices, respectively, to obtain a plurality of identity tags of the access devices, wherein the identity tag of an access device is used to give each access device an independent identity, the identity tag of the transmission data is used so that the transmission data is not intercepted during transmission, and the identity tag of the stored data is used so that the stored data is not deciphered; and storing the plurality of identity tags and the stored data of the access devices in the data identity record library; wherein configuring the identity tags, through the data identity record library, for the access devices within the local area, the transmission data of the access devices and the stored data of the access devices, respectively, to obtain the plurality of identity tags of the access devices comprises: performing a first identity calibration on each access device within the local area through a preset encryption algorithm in the data identity record library to obtain a first identity tag of the access device; performing a second identity calibration on the transmission data of each access device during data transmission through the preset encryption algorithm in the data identity record library to obtain a second identity tag of the access device; and storing the transmission data into the data identity record library, and performing a third identity calibration on the stored data of each access device through the preset encryption algorithm in the data identity record library to obtain a third identity tag of the access device.
- 2. The data security management method according to claim 1, wherein performing the first identity calibration on each access device within the local area through the preset encryption algorithm in the data identity record library comprises: acquiring, through the data identity record library, a device access request of each access device within the local area to access the cloud server; based on the device access request, performing MD5 hash calculation on each access device according to an MD5 code generation rule set in the data identity record library, and configuring a first independent tag for each access device; and performing the first identity calibration on the corresponding access device based on the first independent tag to obtain the first identity tag of the access device.
- 3. The data security management method according to claim 1, wherein performing the second identity calibration on the transmission data of each access device during data transmission through the preset encryption algorithm in the data identity record library comprises: acquiring the transmission data of each access device, wherein the transmission data of each access device is transmitted in parallel in a single-link multichannel mode; performing MD5 hash calculation on each piece of transmission data according to an MD5 code generation rule set in the data identity record library, and configuring a second independent tag for each piece of transmission data; and performing the second identity calibration on the transmission data of the corresponding access device based on the second independent tag to obtain the second identity tag of the access device.
- 4. The data security management method according to claim 1, wherein storing the transmission data in the data identity record library and performing the third identity calibration on the stored data of each access device through the preset encryption algorithm in the data identity record library comprises: storing the transmission data of each access device into a data storage table in the data identity record library to obtain the stored data; performing MD5 hash calculation on each piece of stored data according to an MD5 code generation rule set in the data identity record library, and configuring a third independent tag for each piece of stored data; and performing the third identity calibration on the corresponding stored data based on the third independent tag to obtain the third identity tag of the access device.
- 5. The data security management method according to claim 2, wherein before the first identity calibration is performed on the corresponding access device based on the first independent tag, the method further comprises: performing a tag duplicate check on the first independent tags of the access devices through the data identity record library; if the first independent tags of at least two access devices are the same, reassigning the first independent tags of those access devices; and if the first independent tags of the access devices are all different, performing the first identity calibration of the access devices.
- 6. The data security management method according to any one of claims 1 to 5, further comprising: acquiring a data reading request sent to the cloud server by a device to be accessed, and determining an identity tag and request data of the device to be accessed based on the data reading request; checking the identity tag of the device to be accessed through the data identity record library, and detecting whether the identity tag of the device to be accessed is stored in the data identity record library; if the identity tag of the device to be accessed is stored in the data identity record library, checking and sending a plurality of identity tags corresponding to the request data, and performing data reading based on the plurality of identity tags of the request data; and if the identity tag of the device to be accessed is not stored in the data identity record library, the verification fails and the device to be accessed is forbidden to read data.
- 7. A data security management apparatus for implementing the data security management method according to any one of claims 1 to 6, characterized in that the apparatus comprises: a construction module, used for constructing a data identity record library, wherein the data identity record library is connected to a cloud server within a local area; a tag configuration module, used for configuring identity tags, through the data identity record library, for the access devices within the local area, the transmission data of the access devices and the stored data of the access devices, respectively, to obtain a plurality of identity tags of the access devices; and a storage module, used for storing the plurality of identity tags of the access devices and the stored data in the data identity record library.
- 8. An electronic device comprising a memory, a processor, a communication interface and a communication bus, said memory storing a computer program executable on said processor, said memory, said processor communicating with said communication interface via said communication bus, characterized in that said processor implements the data security management method according to any of the preceding claims 1 to 6 when executing said computer program.
- 9. A computer readable medium having non-volatile program code executable by a processor, the program code causing the processor to perform the data security management method of any of claims 1 to 6.
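The tagging and read-verification flow of claims 1 to 6, as an added Python example that is not part of the patent text. The hash inputs (a device identifier and the "dev"/"tx"/"st" prefixes), the class and function names, and the keyed HMAC-SHA-256 variant are assumptions of this example; plain MD5 is an unkeyed hash, so its tags label and integrity-check data but do not encrypt it.

```python
import hashlib
import hmac
import secrets

class IdentityRecordLibrary:
    """Example-only record library: names and hash inputs are assumptions, not the patent's."""

    def __init__(self, key=None):
        self.key = key  # None: plain MD5 as in the claims; bytes: HMAC-SHA-256 variant
        self.devices = {}  # first identity tag -> device identifier
        self.records = {}  # third identity tag -> (device tag, second tag, payload)

    def _tag(self, *parts):
        msg = b"|".join(parts)
        if self.key is None:
            return hashlib.md5(msg).hexdigest()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def register_device(self, device_id):
        """Claims 2 and 5: tag the device; reassign if the tag is already taken."""
        tag = self._tag(b"dev", device_id)
        while tag in self.devices:  # duplicate check
            tag = self._tag(b"dev", device_id, secrets.token_bytes(8))
        self.devices[tag] = device_id
        return tag

    def store(self, device_tag, payload):
        """Claims 3 and 4: tag the transmitted data, then tag the stored copy."""
        if device_tag not in self.devices:
            raise PermissionError("unknown device tag")
        tx_tag = self._tag(b"tx", device_tag.encode(), payload)
        st_tag = self._tag(b"st", tx_tag.encode(), payload)
        self.records[st_tag] = (device_tag, tx_tag, payload)
        return st_tag

    def read(self, device_tag, st_tag):
        """Claim 6: check the requester's tag, then re-check the data's tags."""
        if device_tag not in self.devices:
            raise PermissionError("identity tag not in record library")
        owner, tx_tag, payload = self.records[st_tag]
        want_tx = self._tag(b"tx", owner.encode(), payload)
        want_st = self._tag(b"st", want_tx.encode(), payload)
        if not (hmac.compare_digest(tx_tag, want_tx) and hmac.compare_digest(st_tag, want_st)):
            raise ValueError("stored data does not match its identity tags")
        return payload

def tag_needs_secret(lib, device_id):
    """True if the issued device tag cannot be recomputed from the identifier alone."""
    return lib.register_device(device_id) != hashlib.md5(b"dev|" + device_id).hexdigest()
```

With `key=None` the device tag is a function of the identifier only, so it distinguishes devices but does not prove who presents it; passing a server-held key makes the tag depend on a secret.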
Description
Data security management method, device, electronic equipment and computer readable medium
Technical Field
The present application relates to the field of data security technologies, and in particular to a data security management method, a data security management device, an electronic device and a computer readable medium.
Background
At present, controlling the various devices in a building from the cloud requires a cloud server that transmits information centrally and serves as a hub between the devices and an upper computer. The trend toward digitization in the building field is now significant, and the security of data relating to building control faces greater challenges. Unlike the wide-area internet cloud products on the market, users prefer to store data in a miniaturized local area network cloud server of a dedicated building system. The main reason is that users are concerned about secure data storage, secure data transmission and secure device access, and consider that data in a miniaturized local area network is protected from many unnecessary security attacks. The concept that data is not delivered outside has been proposed in large building settings such as factories and office buildings. Because the network boundary of the cloud server of a miniaturized local area network is relatively closed, protection mainly relies on technologies such as firewalls and TLS encryption. However, these protection techniques are not suitable for building control systems. For example, a firewall protects the access layer by restricting internal access to untrusted sources, but this one-size-fits-all approach is inconvenient for building control systems, which frequently add access devices. As another example, TLS encryption only protects information at the transmission layer and does not protect data at the access layer or the storage layer, and once the encryption of a link is broken, all information transmitted over that single link can be intercepted. Therefore, the data security of the cloud server of a miniaturized local area network still needs to be improved in device access, data storage, transmission, reading and similar processes.
Disclosure of Invention
The application provides a data security management method, a data security management device, an electronic device and a computer readable medium, to solve the technical problem in the prior art that a cloud server of a miniaturized local area network has low data security during device access, data transmission, storage and reading.
According to one aspect of the embodiments of the application, the method comprises: constructing a data identity record library; configuring identity tags, through the data identity record library, for the access devices within a local area, the transmission data of the access devices and the stored data of the access devices, respectively, to obtain a plurality of identity tags of the access devices; and storing the plurality of identity tags and the stored data of the access devices in the data identity record library.
Configuring the identity tags, through the data identity record library, for the access devices within the local area, the transmission data of the access devices and the stored data of the access devices, respectively, to obtain the plurality of identity tags of the access devices comprises: performing a first identity calibration on each access device within the local area through a preset encryption algorithm in the data identity record library to obtain a first identity tag of the access device; performing a second identity calibration on the transmission data of each access device during data transmission through the preset encryption algorithm in the data identity record library to obtain a second identity tag of the access device; and storing the transmission data into the data identity record library, and performing a third identity calibration on the stored data of each access device through the preset encryption algorithm in the data identity record library to obtain a third identity tag of the access device.
Performing the first identity calibration comprises: acquiring, through the data identity record library, a device access request of each access device within the local area to access the cloud server; based on the device access request, performing MD5 hash calculation on each access device according to an MD5 code generation rule set in the data identity record library, and configuring a first independent tag for each access device; and performing the first identity calibration on the corresponding access device based on the first independent tag to obtain the first identity tag of the access device.
Optionally, the performing second identity calibration on the transmission data of each acce